CVE-2018-15687

Опубликовано: 26 окт. 2018

Источник: debian

Описание

A race condition in chown_one() of systemd allows an attacker to cause systemd to set arbitrary permissions on arbitrary files. Affected releases are systemd versions up to and including 239.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
systemd	fixed	239-11		package
systemd	not-affected		stretch	package
systemd	not-affected		jessie	package

Примечания

https://bugs.chromium.org/p/project-zero/issues/detail?id=1689
https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1796692
https://github.com/systemd/systemd/pull/10517

Связанные уязвимости

CVE-2018-15687

CVSS3: 7

ubuntu

больше 7 лет назад

A race condition in chown_one() of systemd allows an attacker to cause systemd to set arbitrary permissions on arbitrary files. Affected releases are systemd versions up to and including 239.

CVE-2018-15687

CVSS3: 6.3

redhat

больше 7 лет назад

A race condition in chown_one() of systemd allows an attacker to cause systemd to set arbitrary permissions on arbitrary files. Affected releases are systemd versions up to and including 239.

CVE-2018-15687

CVSS3: 7

nvd

больше 7 лет назад

A race condition in chown_one() of systemd allows an attacker to cause systemd to set arbitrary permissions on arbitrary files. Affected releases are systemd versions up to and including 239.

CVE-2018-15687

CVSS3: 7

msrc

больше 5 лет назад

Описание отсутствует

GHSA-wxcv-623q-99fj

CVSS3: 7

github

больше 3 лет назад

A race condition in chown_one() of systemd allows an attacker to cause systemd to set arbitrary permissions on arbitrary files. Affected releases are systemd versions up to and including 239.